beautypg.com

Enabling sending icmp error messages, Dhcp snooping support for option 82, Dhcp snooping configuration task list – H3C Technologies H3C S12500-X Series Switches User Manual

Page 112

background image

101

Step Command

Remarks

2.

Configure TCP
timers.

Configure the TCP SYN wait timer:

tcp timer syn-timeout time-value

Configure the TCP FIN wait timer:

tcp timer fin-timeout time-value

By default:

The TCP SYN wait timer is 75

seconds.

The TCP FIN wait timer is 675

seconds.

Enabling sending ICMP error messages

Perform this task to enable sending ICMP error messages, including redirect, time-exceeded, and

destination unreachable messages.

ICMP redirect messages
A host that has only one default route sends all packets to the default gateway. The default
gateway sends an ICMP redirect message to inform the host of a correct next hop by following

these rules:

{

The receiving and sending interfaces are the same.

{

The selected route is not created or modified by any ICMP redirect messages.

{

The selected route is not destined for 0.0.0.0.

{

There is no source route option in the received packet.

ICMP redirect messages simplify host management and enable hosts to gradually optimize their
routing table.

ICMP time-exceeded messages
A device sends ICMP time-exceeded messages by following these rules:

{

If a received packet is not destined for the device and the TTL field of the packet is 1, the device

sends an ICMP TTL Expired in Transit message to the source.

{

When the device receives the first fragment of an IP datagram destined for it, it starts a timer. If
the timer expires before all the fragments of the datagram are received, the device sends an

ICMP Fragment Reassembly Timeout message to the source.

ICMP destination unreachable messages
A device sends ICMP destination unreachable messages by following these rules:

{

If a packet does not match any route and there is no default route in the routing table, the device
sends a Network Unreachable ICMP error message to the source.

{

If a packet is destined for the device but the transport layer protocol of the packet is not
supported by the device, the device sends a Protocol Unreachable ICMP error message to the

source.

NOTE:

If a DHCP enabled device receives an ICMP echo reply without sending any ICMP echo requests,
the device does not send any Protocol Unreachable ICMP error messages to the source. For more

information about DHCP, see

Layer 3—IP Services Configuration Guide.

{

If a UDP packet is destined for the device but the packet's port number does not match the
corresponding process, the device sends the source a Port Unreachable ICMP error message.

This manual is related to the following products: